Huawei Taurus-AL00A Firmware 10.0.0.1(C00E1R1P1)

CPE Details

Huawei Taurus-AL00A Firmware 10.0.0.1(C00E1R1P1)
huawei
taurus-al00a_firmware
10.0.0.1\(c00e1r1p1\)
2020-11-10
15h03 +00:00
2020-11-10
15h03 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:huawei:taurus-al00a_firmware:10.0.0.1\(c00e1r1p1\):*:*:*:*:*:*:*

Informations

Vendor

huawei

Product

taurus-al00a_firmware

Version

10.0.0.1\(c00e1r1p1\)

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-22304 2021-02-06 01h18 +00:00 There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service.
3.3
Low
CVE-2021-22293 2021-02-06 01h16 +00:00 Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2. Affected product versions include: Taurus-AL00A versions 10.0.0.1(C00E1R1P1).
7.5
High
CVE-2021-22302 2021-02-06 01h03 +00:00 There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service.
7.1
High
CVE-2021-22303 2021-02-05 23h04 +00:00 There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service.
3.3
Low
CVE-2020-9093 2020-12-29 16h24 +00:00 There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by running a crafted application with common privilege. This would compromise normal service.
5.5
Medium
CVE-2020-9087 2020-10-12 11h31 +00:00 Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information leak.
5.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.